<?php
define('TOKEN', 'gxsh2019');
function checkSignature()
{
    $signature = $_GET['signature'];
    $timestamp = $_GET['timestamp'];
    $nonce = $_GET['nonce'];

    $tmpArr = [TOKEN, $timestamp, $nonce];
    sort($tmpArr, SORT_STRING);

    $tmpStr = implode($tmpArr);
    $temStr = sha1($tmpStr);

    if ($temStr == $signature) {
        return true;
    }else{
        return false;
    }
}

if(checkSignature()) {
    echo $_GET['echostr'];
}else{
    echo 'error';
}